Platform
Android App
What feature do you want?
Currently, MeshMapper sends channel pings to the #wardriving hash channel. This is a bit of a privacy risk, even if you choose to use "anonymous" mode, as anyone can join that channel and follow people around, even if they don't "know" the name.
MeshMapper should instead use randomly generated private channels. And then the anonymous mode can be removed entirely, as it becomes a non-issue. For each available slot in a region (or meta-region), generate a random private channel secret. When a client logs in, it downloads the slot's secret and registers the channel in the companion. (But give it a name that the app can find and remove if it has to cleanup after getting disconnected from the companion unexpectedly.) The MeshMapper backend has to do a little extra work to compare channel messages sent up via MQTT to the list of channel keys instead of a fixed key for the #wardriving channel, but given most regions limit slots to low numbers, this shouldn't be an excessive strain.
When a slot is released, after 10-15 minutes of being idle, generate a new random secret for the slot. This way, channel secrets are unlikely to end up leaking out, but if a client gets disconnected unexpectedly and reconnects quickly, they get the same slot secret again.
Why do you need it?
To improve privacy, making it near impossible for someone to trace anyone's movements by joining the #wardriving channel.
How important is this?
High - Would help a lot
Anything else?
No response
Platform
Android App
What feature do you want?
Currently, MeshMapper sends channel pings to the
#wardrivinghash channel. This is a bit of a privacy risk, even if you choose to use "anonymous" mode, as anyone can join that channel and follow people around, even if they don't "know" the name.MeshMapper should instead use randomly generated private channels. And then the anonymous mode can be removed entirely, as it becomes a non-issue. For each available slot in a region (or meta-region), generate a random private channel secret. When a client logs in, it downloads the slot's secret and registers the channel in the companion. (But give it a name that the app can find and remove if it has to cleanup after getting disconnected from the companion unexpectedly.) The MeshMapper backend has to do a little extra work to compare channel messages sent up via MQTT to the list of channel keys instead of a fixed key for the
#wardrivingchannel, but given most regions limit slots to low numbers, this shouldn't be an excessive strain.When a slot is released, after 10-15 minutes of being idle, generate a new random secret for the slot. This way, channel secrets are unlikely to end up leaking out, but if a client gets disconnected unexpectedly and reconnects quickly, they get the same slot secret again.
Why do you need it?
To improve privacy, making it near impossible for someone to trace anyone's movements by joining the
#wardrivingchannel.How important is this?
High - Would help a lot
Anything else?
No response